TRIGON BASED AUTHENTICATION, AUTHORIZATION AND DISTRIBUTION OF ENCRYPTED KEYS WITH GLOBUS MIDDLEWARE Anitha Kumari K 08MW01 II ME – Software Engineering
CONTENTS Introduction Work Done Problem Definition Existing System Proposed Methodology Feasibility Analysis and System Requirements Scope Results Literature Survey Publications References Conclusion Timeline Chart
INTRODUCTION Grid computing involves the formation of dynamic virtual organizations including groups of individuals as well as associated resources where security is an important criteria. Proposed methodology mainly aims to provide more security based on trigon based authentication and authorization and then distribution of channels with key take place by hash algorithm using GLOBUS as middleware In the distributed channel users join and communicate with other group members using this key. Provides Secure communication and dynamic groups.
WORK DONE KEY DISTRIBUTION Whenever a user join the keys are generated dynamically and encoded using MD5 and each member communicates with the other group members using this key. TRIGON BASED AUTHENTICATION P roposed a dual trigon based authentication, which will authenticate the user by a combined mechanism of two files, namely, authentication file and backend file and then allows the user to authorize the resources.
PROBLEM DEFINITION Taking the security as the main constraint in grid computing environment, we are proposing a trigon based authentication and authorization, and then distribution of channels by MD5 algorithm to reduce computational load using GLOBUS as middleware.
EXISTING SYSTEM Separate authentication and authorization protocol is used. Key Distribution is slow. No forward/backward secrecy. computational cost high – ‘n’ encryption and ‘n’ unicast
PROPOSED METHODOLOGY Trigon based authentication and authorization is used to maintain strong security by splitting the password and storing in two files. Distribution of channels by MD5 algorithm MODULES 1.Authentication 2.Authorisation 3.Distribution of Channels 4.File transfer 5.Formation of Virtual Organization
TRIGON BASED AUTHENTICATION ALGORITHM REGISTRATION User registers with username and password Authentication file generates the three sides of the trigon a, a’ and a’’ Determines variance and the product of the sides Vaa’ and Paa’ where Vaa’=a-a’ Paa’ = a * a’ Save α and username in authentication file and forwards username, Vaa’ and Paa’ to Backend file where Backend file saves Vaa’ and Paa' for the corresponding username
REGISTRATION – FLOW DIAGRAM
Contd … AUTHENTICATION User Login P AI is the ASCII-interpreted value of the given password Calculate pi and AI(i) where P AI(i) / 10 pow n-2 ; if P AI (i) ≥ 180 Pi = { P AI(i)/ 10 pow n-3 ; else AI(i) = Pi/2; Authentication file sends αi and username to backend file Backend File determines AT(i) and sends to authentication file where AT(i) = αi + Vaa’i 2Paa‘i If Sin AI(i) = ( 1- ATi / 2 ) ½ then token is issued for authorization
FLOW DIAGRAM - AUTHENTICATION
FEASIBILITY ANALYSIS AND SYSTEM REQUIREMENTS The methods used here utilized the fundamental properties of the trigon and the trigon parameters, made the grid more secure as the alienated passwords had been derived from these trigon parameters Key distribution using hash function provides more security Operating system - Linux RHEL5 Programming language - Java
SCOPE The implementation of dual authentication method provide effective performance, security and paying the way to valid users for access with the VO for resource sharing such as efficient computational channel distribution with help of MD5 algorithm Forward/backward Secrecy maintained. Reduction of computation and communication cost. Dynamic rekey operations and no need of resources. Highly scalable Online chat groups
RESULTS 1.Usernames, Passwords and the trigon parameters based on the user passwords provided at the time of registration
2. The authentication parameters derived from the trigon parameters, the authentication code status and the outcome obtained from authentication of the user.
3. Number of Nodes and Distribution Time in seconds
4.Graph-Number of nodes Vs Distribution time in seconds
5.SAMPLE OUTPUT eff3.stdout User Name : sud Password : sudhi Alpha : E10 Vp : Pp : E11 Token is : Pi : Authentication token User Token : RegToken : Valid User file length: 2 hash: e44fea3bec53bcea3b7513ccef5857ac New channel discovered cse
JOB SUBMISSION
LITERATURE SURVEY An Computation-Efficient Multicast Key Distribution. Key Establishment in Large Dynamic Groups Using One-Way Function Trees - Centralized Hierarchical Methods - One-way function trees A Simple User Authentication Scheme for Grid Computing A Certificate-Free Grid Security Infrastructure Supporting Password-Based User Authentication
PUBLICATIONS AUTHENTICATION PUBLICATION "International Journal of Computer Science and Information Security" Dec 2009, vol 6, pp ( ). Accepted in National level Conference (NCSSS) in BIT.
REFERENCES 1.Rongxing Lu, Zhenfu Cao, Zhenchuan Chai, and Xiaohui Liang, "A Simple User Authentication Scheme for Grid Computing, International Journal of Network Security, vol.7, no.2, Pp.202–206, September J. Crampton, H.W.Lim, K.G.Paterson and G.Price, "A Certificate- Free Grid Security Infrastructure Supporting Password-Based User Authentication" In Proceedings of the 6th Annual PKI R&D Workshop 2007, pp , Gaithersburg, Maryland, USA, Computation-Efficient Multicast Key Distribution -Lihao Xu, Senior Member, IEEE, and Cheng Huang, Member, ieee transactions on parallel and distributed systems, vol. 19, no. 5, may Key Establishment in Large Dynamic Groups Using One-Way Function Trees -Alan T. Sherman and David A. McGrew, Member, ieee transactions on software engineering, vol. 29, no. 5, may 2003
CONCLUSION The implementation of our dual authentication protocol showed its effective performance in pinpointing the adversaries and paying the way to valid users for access with the VO for resource sharing such as efficient computational channel distribution with help of MD5 algorithm. So the utilization of this scheme will make the grid environment more secure
TIMELINE CHART Jan Feb-March Trigon based authentication Trigon based authorization and distribution of channels TIME MODULESMODULES April-May 2010 File Transformation and Formation of Virtual Organization
THANK YOU